06bd2a5ce2
* zypper_repository add auto_import_keys options * also give more output on failure (rc, stdout, stderr) * be more specific in the doc for auto_import_keys * add runrefresh option to zypper_repository * this comes out of ansible/ansible-modules-extras#2411, where AnderEnder adds refresh to the zypper module * adds a way to force zypper to refresh a repository * can be used to refresh independently of auto_import_keys * add option to run name=* runrefresh=yes * name runrefresh to not break existing use to refresh (now alias to autorefresh) * add version_added flag to autorefresh * remove wrong version_added comment
378 lines
13 KiB
Python
378 lines
13 KiB
Python
#!/usr/bin/python
|
|
# encoding: utf-8
|
|
|
|
# (c) 2013, Matthias Vogelgesang <matthias.vogelgesang@gmail.com>
|
|
# (c) 2014, Justin Lecher <jlec@gentoo.org>
|
|
#
|
|
# This file is part of Ansible
|
|
#
|
|
# Ansible is free software: you can redistribute it and/or modify
|
|
# it under the terms of the GNU General Public License as published by
|
|
# the Free Software Foundation, either version 3 of the License, or
|
|
# (at your option) any later version.
|
|
#
|
|
# Ansible is distributed in the hope that it will be useful,
|
|
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
# GNU General Public License for more details.
|
|
#
|
|
# You should have received a copy of the GNU General Public License
|
|
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
|
|
|
|
|
|
DOCUMENTATION = '''
|
|
---
|
|
module: zypper_repository
|
|
author: "Matthias Vogelgesang (@matze)"
|
|
version_added: "1.4"
|
|
short_description: Add and remove Zypper repositories
|
|
description:
|
|
- Add or remove Zypper repositories on SUSE and openSUSE
|
|
options:
|
|
name:
|
|
required: false
|
|
default: none
|
|
description:
|
|
- A name for the repository. Not required when adding repofiles.
|
|
repo:
|
|
required: false
|
|
default: none
|
|
description:
|
|
- URI of the repository or .repo file. Required when state=present.
|
|
state:
|
|
required: false
|
|
choices: [ "absent", "present" ]
|
|
default: "present"
|
|
description:
|
|
- A source string state.
|
|
description:
|
|
required: false
|
|
default: none
|
|
description:
|
|
- A description of the repository
|
|
disable_gpg_check:
|
|
description:
|
|
- Whether to disable GPG signature checking of
|
|
all packages. Has an effect only if state is
|
|
I(present).
|
|
- Needs zypper version >= 1.6.2.
|
|
required: false
|
|
default: "no"
|
|
choices: [ "yes", "no" ]
|
|
autorefresh:
|
|
description:
|
|
- Enable autorefresh of the repository.
|
|
required: false
|
|
default: "yes"
|
|
choices: [ "yes", "no" ]
|
|
aliases: [ "refresh" ]
|
|
priority:
|
|
description:
|
|
- Set priority of repository. Packages will always be installed
|
|
from the repository with the smallest priority number.
|
|
- Needs zypper version >= 1.12.25.
|
|
required: false
|
|
version_added: "2.1"
|
|
overwrite_multiple:
|
|
description:
|
|
- Overwrite multiple repository entries, if repositories with both name and
|
|
URL already exist.
|
|
required: false
|
|
default: "no"
|
|
choices: [ "yes", "no" ]
|
|
version_added: "2.1"
|
|
auto_import_keys:
|
|
description:
|
|
- Automatically import the gpg signing key of the new or changed repository.
|
|
- Has an effect only if state is I(present). Has no effect on existing (unchanged) repositories or in combination with I(absent).
|
|
- Implies runrefresh.
|
|
required: false
|
|
default: "no"
|
|
choices: ["yes", "no"]
|
|
version_added: "2.2"
|
|
runrefresh:
|
|
description:
|
|
- Refresh the package list of the given repository.
|
|
- Can be used with repo=* to refresh all repositories.
|
|
required: false
|
|
default: "no"
|
|
choices: ["yes", "no"]
|
|
version_added: "2.2"
|
|
|
|
|
|
|
|
requirements:
|
|
- "zypper >= 1.0 # included in openSuSE >= 11.1 or SuSE Linux Enterprise Server/Desktop >= 11.0"
|
|
'''
|
|
|
|
EXAMPLES = '''
|
|
# Add NVIDIA repository for graphics drivers
|
|
- zypper_repository: name=nvidia-repo repo='ftp://download.nvidia.com/opensuse/12.2' state=present
|
|
|
|
# Remove NVIDIA repository
|
|
- zypper_repository: name=nvidia-repo repo='ftp://download.nvidia.com/opensuse/12.2' state=absent
|
|
|
|
# Add python development repository
|
|
- zypper_repository: repo=http://download.opensuse.org/repositories/devel:/languages:/python/SLE_11_SP3/devel:languages:python.repo
|
|
|
|
# Refresh all repos
|
|
- zypper_repository: repo=* runrefresh=yes
|
|
|
|
# Add a repo and add it's gpg key
|
|
- zypper_repository: repo=http://download.opensuse.org/repositories/systemsmanagement/openSUSE_Leap_42.1/ auto_import_keys=yes
|
|
|
|
# Force refresh of a repository
|
|
- zypper_repository: repo=http://my_internal_ci_repo/repo name=my_ci_repo state=present runrefresh=yes
|
|
'''
|
|
|
|
REPO_OPTS = ['alias', 'name', 'priority', 'enabled', 'autorefresh', 'gpgcheck']
|
|
|
|
from distutils.version import LooseVersion
|
|
|
|
def _parse_repos(module):
|
|
"""parses the output of zypper -x lr and return a parse repo dictionary"""
|
|
cmd = ['/usr/bin/zypper', '-x', 'lr']
|
|
|
|
from xml.dom.minidom import parseString as parseXML
|
|
rc, stdout, stderr = module.run_command(cmd, check_rc=False)
|
|
if rc == 0:
|
|
repos = []
|
|
dom = parseXML(stdout)
|
|
repo_list = dom.getElementsByTagName('repo')
|
|
for repo in repo_list:
|
|
opts = {}
|
|
for o in REPO_OPTS:
|
|
opts[o] = repo.getAttribute(o)
|
|
opts['url'] = repo.getElementsByTagName('url')[0].firstChild.data
|
|
# A repo can be uniquely identified by an alias + url
|
|
repos.append(opts)
|
|
return repos
|
|
# exit code 6 is ZYPPER_EXIT_NO_REPOS (no repositories defined)
|
|
elif rc == 6:
|
|
return []
|
|
else:
|
|
module.fail_json(msg='Failed to execute "%s"' % " ".join(cmd), rc=rc, stdout=stdout, stderr=stderr)
|
|
|
|
def _repo_changes(realrepo, repocmp):
|
|
"Check whether the 2 given repos have different settings."
|
|
for k in repocmp:
|
|
if repocmp[k] and k not in realrepo:
|
|
return True
|
|
|
|
for k, v in realrepo.items():
|
|
if k in repocmp and repocmp[k]:
|
|
valold = str(repocmp[k] or "")
|
|
valnew = v or ""
|
|
if k == "url":
|
|
valold, valnew = valold.rstrip("/"), valnew.rstrip("/")
|
|
if valold != valnew:
|
|
return True
|
|
return False
|
|
|
|
def repo_exists(module, repodata, overwrite_multiple):
|
|
"""Check whether the repository already exists.
|
|
|
|
returns (exists, mod, old_repos)
|
|
exists: whether a matching (name, URL) repo exists
|
|
mod: whether there are changes compared to the existing repo
|
|
old_repos: list of matching repos
|
|
"""
|
|
existing_repos = _parse_repos(module)
|
|
|
|
# look for repos that have matching alias or url to the one searched
|
|
repos = []
|
|
for kw in ['alias', 'url']:
|
|
name = repodata[kw]
|
|
for oldr in existing_repos:
|
|
if repodata[kw] == oldr[kw] and oldr not in repos:
|
|
repos.append(oldr)
|
|
|
|
if len(repos) == 0:
|
|
# Repo does not exist yet
|
|
return (False, False, None)
|
|
elif len(repos) == 1:
|
|
# Found an existing repo, look for changes
|
|
has_changes = _repo_changes(repos[0], repodata)
|
|
return (True, has_changes, repos)
|
|
elif len(repos) >= 2:
|
|
if overwrite_multiple:
|
|
# Found two repos and want to overwrite_multiple
|
|
return (True, True, repos)
|
|
else:
|
|
errmsg = 'More than one repo matched "%s": "%s".' % (name, repos)
|
|
errmsg += ' Use overwrite_multiple to allow more than one repo to be overwritten'
|
|
module.fail_json(msg=errmsg)
|
|
|
|
|
|
def addmodify_repo(module, repodata, old_repos, zypper_version, warnings):
|
|
"Adds the repo, removes old repos before, that would conflict."
|
|
repo = repodata['url']
|
|
cmd = ['/usr/bin/zypper', 'ar', '--check']
|
|
if repodata['name']:
|
|
cmd.extend(['--name', repodata['name']])
|
|
|
|
# priority on addrepo available since 1.12.25
|
|
# https://github.com/openSUSE/zypper/blob/b9b3cb6db76c47dc4c47e26f6a4d2d4a0d12b06d/package/zypper.changes#L327-L336
|
|
if repodata['priority']:
|
|
if zypper_version >= LooseVersion('1.12.25'):
|
|
cmd.extend(['--priority', str(repodata['priority'])])
|
|
else:
|
|
warnings.append("Setting priority only available for zypper >= 1.12.25. Ignoring priority argument.")
|
|
|
|
if repodata['enabled'] == '0':
|
|
cmd.append('--disable')
|
|
|
|
# gpgcheck available since 1.6.2
|
|
# https://github.com/openSUSE/zypper/blob/b9b3cb6db76c47dc4c47e26f6a4d2d4a0d12b06d/package/zypper.changes#L2446-L2449
|
|
# the default changed in the past, so don't assume a default here and show warning for old zypper versions
|
|
if zypper_version >= LooseVersion('1.6.2'):
|
|
if repodata['gpgcheck'] == '1':
|
|
cmd.append('--gpgcheck')
|
|
else:
|
|
cmd.append('--no-gpgcheck')
|
|
else:
|
|
warnings.append("Enabling/disabling gpgcheck only available for zypper >= 1.6.2. Using zypper default value.")
|
|
|
|
if repodata['autorefresh'] == '1':
|
|
cmd.append('--refresh')
|
|
|
|
cmd.append(repo)
|
|
|
|
if not repo.endswith('.repo'):
|
|
cmd.append(repodata['alias'])
|
|
|
|
if old_repos is not None:
|
|
for oldrepo in old_repos:
|
|
remove_repo(module, oldrepo['url'])
|
|
|
|
rc, stdout, stderr = module.run_command(cmd, check_rc=False)
|
|
return rc, stdout, stderr
|
|
|
|
|
|
def remove_repo(module, repo):
|
|
"Removes the repo."
|
|
cmd = ['/usr/bin/zypper', 'rr', repo]
|
|
|
|
rc, stdout, stderr = module.run_command(cmd, check_rc=True)
|
|
return rc, stdout, stderr
|
|
|
|
|
|
def get_zypper_version(module):
|
|
rc, stdout, stderr = module.run_command(['/usr/bin/zypper', '--version'])
|
|
if rc != 0 or not stdout.startswith('zypper '):
|
|
return LooseVersion('1.0')
|
|
return LooseVersion(stdout.split()[1])
|
|
|
|
def runrefreshrepo(module, auto_import_keys=False, shortname=None):
|
|
"Forces zypper to refresh repo metadata."
|
|
cmd = ['/usr/bin/zypper', 'refresh', '--force']
|
|
if auto_import_keys:
|
|
cmd.append('--gpg-auto-import-keys')
|
|
if shortname is not None:
|
|
cmd.extend(['-r', shortname])
|
|
|
|
rc, stdout, stderr = module.run_command(cmd, check_rc=True)
|
|
return rc, stdout, stderr
|
|
|
|
|
|
def main():
|
|
module = AnsibleModule(
|
|
argument_spec=dict(
|
|
name=dict(required=False),
|
|
repo=dict(required=False),
|
|
state=dict(choices=['present', 'absent'], default='present'),
|
|
runrefresh=dict(required=False, default='no', type='bool'),
|
|
description=dict(required=False),
|
|
disable_gpg_check = dict(required=False, default=False, type='bool'),
|
|
autorefresh = dict(required=False, default=True, type='bool', aliases=['refresh']),
|
|
priority = dict(required=False, type='int'),
|
|
enabled = dict(required=False, default=True, type='bool'),
|
|
overwrite_multiple = dict(required=False, default=False, type='bool'),
|
|
auto_import_keys = dict(required=False, default=False, type='bool'),
|
|
),
|
|
supports_check_mode=False,
|
|
required_one_of = [['state','runrefresh']],
|
|
)
|
|
|
|
repo = module.params['repo']
|
|
alias = module.params['name']
|
|
state = module.params['state']
|
|
overwrite_multiple = module.params['overwrite_multiple']
|
|
auto_import_keys = module.params['auto_import_keys']
|
|
runrefresh = module.params['runrefresh']
|
|
|
|
zypper_version = get_zypper_version(module)
|
|
warnings = [] # collect warning messages for final output
|
|
|
|
repodata = {
|
|
'url': repo,
|
|
'alias': alias,
|
|
'name': module.params['description'],
|
|
'priority': module.params['priority'],
|
|
}
|
|
# rewrite bools in the language that zypper lr -x provides for easier comparison
|
|
if module.params['enabled']:
|
|
repodata['enabled'] = '1'
|
|
else:
|
|
repodata['enabled'] = '0'
|
|
if module.params['disable_gpg_check']:
|
|
repodata['gpgcheck'] = '0'
|
|
else:
|
|
repodata['gpgcheck'] = '1'
|
|
if module.params['autorefresh']:
|
|
repodata['autorefresh'] = '1'
|
|
else:
|
|
repodata['autorefresh'] = '0'
|
|
|
|
def exit_unchanged():
|
|
module.exit_json(changed=False, repodata=repodata, state=state)
|
|
|
|
# Check run-time module parameters
|
|
if repo == '*' or alias == '*':
|
|
if runrefresh:
|
|
runrefreshrepo(module, auto_import_keys)
|
|
module.exit_json(changed=False, runrefresh=True)
|
|
else:
|
|
module.fail_json(msg='repo=* can only be used with the runrefresh option.')
|
|
|
|
if state == 'present' and not repo:
|
|
module.fail_json(msg='Module option state=present requires repo')
|
|
if state == 'absent' and not repo and not alias:
|
|
module.fail_json(msg='Alias or repo parameter required when state=absent')
|
|
|
|
if repo and repo.endswith('.repo'):
|
|
if alias:
|
|
module.fail_json(msg='Incompatible option: \'name\'. Do not use name when adding .repo files')
|
|
else:
|
|
if not alias and state == "present":
|
|
module.fail_json(msg='Name required when adding non-repo files.')
|
|
|
|
exists, mod, old_repos = repo_exists(module, repodata, overwrite_multiple)
|
|
|
|
if repo:
|
|
shortname = repo
|
|
else:
|
|
shortname = alias
|
|
|
|
if state == 'present':
|
|
if exists and not mod:
|
|
if runrefresh:
|
|
runrefreshrepo(module, auto_import_keys, shortname)
|
|
exit_unchanged()
|
|
rc, stdout, stderr = addmodify_repo(module, repodata, old_repos, zypper_version, warnings)
|
|
if rc == 0 and (runrefresh or auto_import_keys):
|
|
runrefreshrepo(module, auto_import_keys, shortname)
|
|
elif state == 'absent':
|
|
if not exists:
|
|
exit_unchanged()
|
|
rc, stdout, stderr = remove_repo(module, shortname)
|
|
|
|
if rc == 0:
|
|
module.exit_json(changed=True, repodata=repodata, state=state, warnings=warnings)
|
|
else:
|
|
module.fail_json(msg="Zypper failed with rc %s" % rc, rc=rc, stdout=stdout, stderr=stderr, repodata=repodata, state=state, warnings=warnings)
|
|
|
|
# import module snippets
|
|
from ansible.module_utils.basic import *
|
|
|
|
main()
|